我目前在向负载平衡后端发出 POST 请求时遇到问题。 (负载均衡器由 Cloudflare 管理)。
直接向各个服务器发出 POST 请求不会造成任何问题。也不会发出 GET 请求(即使通过负载平衡器)。
但是,当我通过负载均衡器的 URL 发出 POST 请求时,它返回 405 错误。
我试图创建的逻辑如下:
request (with basic authentication)
→
Cloudflare load balancer
→
server
→
server's localhost:<special port>
这不是我的专业领域,但我怀疑这与我的 Nginx 配置有关。 每个服务器都配置了一个 proxy_pass 以重定向到特定的本地主机端口。
这是我的<website>.com.conf
:
server {
server_name <site>;
location / {
proxy_pass http://localhost:<port>;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $proxy_protocol_addr;
proxy_set_header X-Forwarded-For $proxy_protocol_addr;
}
# ...Certbot security settings...
}
server {
if ($host = <site>) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name <site>;
listen 80;
return 404; # managed by Certbot
}
以下是我可能提出的请求类型的格式:
curl --location --request POST '<Load balancer URL>' \
--header 'Authorization: <Basic Auth for Backend>' \
--header 'Content-Type: application/json' \
--data-raw '
<JSON formatted request>
'
使用“-v”标志返回:
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying <IP>:443...
* TCP_NODELAY set
* Connected to <Load Balancer URL> (<IP>) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=<Country>; ST=<State>; L=<City>; O=Cloudflare, Inc.; CN= <...>
* start date: May 27 00:00:00 2020 GMT
* expire date: May 27 12:00:00 2021 GMT
* subjectAltName: host "<Load Balancer URL>" matched cert's "*.<...>"
* issuer: C=<Country>; O=Cloudflare, Inc.; CN=Cloudflare Inc <...>
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55f8f7998820)
> POST / HTTP/2
> Host: <Load Balancer URL>
> user-agent: curl/7.68.0
> accept: */*
> authorization: <Backend Authentication>
> content-type: application/json
> content-length: 27
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
* We are completely uploaded and fine
< HTTP/2 405
< date: Thu, 11 Mar 2021 13:58:46 GMT
< content-type: text/html
< set-cookie: __cfduid=d89c9a3af7f0a5bf4a217c57c9b2458711615471126; expires=Sat, 10-Apr-21 13:58:46 GMT; path=/; domain=<...>; HttpOnly; SameSite=Lax; Secure
< cf-cache-status: DYNAMIC
< cf-request-id: 08c32e3ef70000f03155b09000000001
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< set-cookie: __cflb=04dToTKvCmh27ted7uGQoG5sVWTpTxCb8xpz4UsNcD; SameSite=None; Secure; path=/; expires=Thu, 11-Mar-21 14:28:46 GMT; HttpOnly
< strict-transport-security: max-age=15552000; includeSubDomains; preload
< x-content-type-options: nosniff
< server: cloudflare
< cf-ray: 62e54cab2d88f031-EWR
<
<html>
<head><title>405 Not Allowed</title></head>
<body>
<center><h1>405 Not Allowed</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>
* Connection #0 to host rpc-testnet.diviproject.org left intact
这是我的 nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
并且没有语法错误:
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
我知道我可能遗漏了一些明显的东西,但尽管进行了研究,我还是找不到关于这个主题的任何信息。任何帮助将不胜感激。